Login/Register
Stats
Combats
The Web War
CyberSec Drills
Recent
Search
Radar
News
Cybersec
Purple
MorningStar
Books
Attack Maps
ThreatButt
Fortiguard
Kaspersky
Multi-Search
Purple News
Feed list:
Reddit/r/redteamsec
Reddit/r/blueteamsec
Reddit/r/websecresearch
BlackhillsInfosec
Wildwesthackinfest
DarkNet
Kitsploit
blog.vulners
Medium.com
Twitter
Reddit/r/redteamsec
Reddit/r/blueteamsec
BlackhillsInfosec
Clear, Concise, and Comprehensive: The Formula for Great SOC Tickets
DLL Hijacking – A New Spin on Proxying your Shellcode
Blue Team, Red Team, and Purple Team: An Overview
Reconnaissance: Azure Cloud w/ Kevin Klingbile
Satellite Hacking
Proxying Your Way to Code Execution – A Different Take on DLL Hijacking
Enable Auditing of Changes to msDS-KeyCredentialLink
Monitoring High Risk Azure Logins
How to Put Yourself Out There – Networking on Social Media
How to Get a Job in Cybersecurity
Wildwesthackinfest
Throwback Thursday | I Got an Alert, Now What?
Throwback Thursday | Why Developers Hate Infosec
Throwback Thursday | Exploiting Persistent XSS
Throwback Thursday | Hackers in the Boardroom
Throwback Thursday | Tool Demo – Riverside
Throwback Thursday | The Fools Gold Rush to Compliance
Throwback Thursday | Is the PKI Sky Falling?
Throwback Thursday | What’s Old is Gold
Throwback Thursday | Wireless Attack Killchain for N00bs
Throwback Thursday | Six Things No One !@#$%^& Told Me About Pentesting
Reddit/r/websecresearch
DarkNet
Best EDR Of The Market (BEOTM) – Endpoint Detection and Response Testing Tool
AgentSmith HIDS – Host Based Intrusion Detection
padre – Padding Oracle Attack Exploiter Tool
Privacy Implications of Web 3.0 and Darknets
DataSurgeon – Extract Sensitive Information (PII) From Logs
Pwnagotchi – Maximize Crackable WPA Key Material For Bettercap
HardCIDR – Network CIDR and Range Discovery Tool
Socialscan – Command-Line Tool To Check For Email And Social Media Username Usage
CFRipper – CloudFormation Security Scanning & Audit Tool
CredNinja – Test Credential Validity of Dumped Credentials or Hashes
KitSploit
SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
Secator - The Pentester'S Swiss Knife
Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
Imperius - Make An Linux Kernel Rootkit Visible Again
BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
Psobf - PowerShell Obfuscator
ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
DockerSpy - DockerSpy Searches For Images On Docker Hub And Extracts Sensitive Information Such As Authentication Secrets, Private Keys, And More
Ashok - A OSINT Recon Tool, A.K.A Swiss Army Knife
CloudBrute - Awesome Cloud Enumerator
Hfinger - Fingerprinting HTTP Requests
VulnNodeApp - A Vulnerable Node.Js Application
XMGoat - Composed of XM Cyber terraform templates that help you learn about common Azure security issues
Extrude - Analyse Binaries For Missing Security Features, Information Disclosure And More...
BokuLoader - A Proof-Of-Concept Cobalt Strike Reflective Loader Which Aims To Recreate, Integrate, And Enhance Cobalt Strike's Evasion Features!
Volana - Shell Command Obfuscation To Avoid Detection Systems
CyberChef - The Cyber Swiss Army Knife - A Web App For Encryption, Encoding, Compression And Data Analysis
NativeDump - Dump Lsass Using Only Native APIs By Hand-Crafting Minidump Files (Without MinidumpWriteDump!)
Sttr - Cross-Platform, Cli App To Perform Various Operations On String
PIP-INTEL - OSINT and Cyber Intelligence Tool
Thief Raccoon - Login Phishing Tool
X-Recon - A Utility For Detecting Webpage Inputs And Conducting XSS Scans
Blog.vulners.com
Medium.com
Google Dork: #red-team #red-teaming
#red-teaming
#red-team
#redteaming
#redteam
#pentest
#pentesting
#bug-bounty
#bugbounty
Twitter
#pentest, #networkpetnest, #netpentest
#redteam
#blueteam
#appsec
#bugbountytips